Archives

BinSkim is a checker that examines Portable Executable (PE) files and their associated Program Database File Formats (PDB) to identify various security problems. These include:

* Use of Outdated Compiler Tool Sets – Binaries should be compiled against the most recent compiler tool sets wherever possible to maximize the use of current compiler-level and OS-provided security mitigations.
* Insecure Compilation Settings – Binaries should be compiled with the most secure settings possible to enable OS-provided security mitigations, maximize compiler errors and actionable warnings reporting, among other things.
* Signing issues – Signed binaries should be signed with cryptographically-strong algorithms.